Static task: static1
Behavioral task: behavioral1
  Sample: 81b31ca7e42d6ec8c9b7fab93442ab5e9699a5255f82c99ddec0b7f369a1d56a.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 81b31ca7e42d6ec8c9b7fab93442ab5e9699a5255f82c99ddec0b7f369a1d56a.exe
  Resource: win10v2004-20230220-en
General
- Target: 81b31ca7e42d6ec8c9b7fab93442ab5e9699a5255f82c99ddec0b7f369a1d56a
- Size: 772KB
- MD5: 22564d2d90eb0d029ba71e1a52c897cb
- SHA1: b81ee57780f979459a24cefc2031d7f73a9fe160
- SHA256: 81b31ca7e42d6ec8c9b7fab93442ab5e9699a5255f82c99ddec0b7f369a1d56a
- SHA512: 21d5cf3e71b381b8db9460ba129c2c3b1a2aba5e7277e736cca9c2890fd9067c4034acd3395121b7f7a326efe291157062d7657b5decee39e1f6aec98470cfa9
- SSDEEP: 12288:s2so0XiN/8FnKh3vX2IXVk8qKOaKAshAem3K37rk35:kcJyDaKAmAemT
Malware Config
Signatures
- Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource: 81b31ca7e42d6ec8c9b7fab93442ab5e9699a5255f82c99ddec0b7f369a1d56a
Files
- 81b31ca7e42d6ec8c9b7fab93442ab5e9699a5255f82c99ddec0b7f369a1d56a.exe (windows x86)
  36b1be08543b1cce48b5cb7e8d698f04
Headers
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
wsock32
recv
WSACleanup
WSAStartup
inet_addr
WSAAsyncSelect
closesocket
accept
listen
bind
htons
socket
gethostbyname
gethostname
send
mpr
WNetAddConnection2A
WNetCancelConnection2A
kernel32
CompareFileTime
Sleep
CreateProcessA
GetDriveTypeA
OpenFile
MultiByteToWideChar
GetModuleFileNameA
WinExec
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcess
LoadLibraryA
GetProcAddress
GetProcessAffinityMask
SetProcessAffinityMask
GetVersionExA
lstrlenA
CreateFileA
DeviceIoControl
CloseHandle
GetPrivateProfileStringA
_lopen
_lread
_lclose
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
FindFirstFileA
FindNextFileA
FindClose
WritePrivateProfileStringA
RemoveDirectoryA
CreateDirectoryA
GetProfileStringA
GetLocaleInfoW
SetConsoleCtrlHandler
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetUserDefaultLCID
EnumSystemLocalesA
LoadResource
FindResourceA
LockResource
GetModuleHandleA
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcatA
GetVersion
FreeLibrary
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
LocalFree
FormatMessageA
lstrcpynA
SetLastError
MulDiv
WaitForSingleObject
SetEvent
ResumeThread
SetThreadPriority
SuspendThread
CreateEventA
GetCurrentThread
lstrcmpA
GetPrivateProfileIntA
GetFileAttributesA
GetTempFileNameA
GetFullPathNameA
SetFileTime
GetFileTime
GetDiskFreeSpaceA
GetLastError
GlobalFlags
SizeofResource
LocalAlloc
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
GetThreadLocale
DuplicateHandle
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
MoveFileA
DeleteFileA
GetVolumeInformationA
GetStringTypeExA
GetShortPathNameA
GetFileSize
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileAttributesA
SetErrorMode
lstrlenW
GetTickCount
GlobalSize
CopyFileA
RtlUnwind
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetSystemTime
GetLocalTime
SetCurrentDirectoryA
CreateThread
ExitThread
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
HeapAlloc
HeapFree
TerminateProcess
HeapReAlloc
HeapSize
GetACP
FatalAppExitA
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
SetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
user32
IsChild
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetScrollInfo
GetScrollInfo
ScrollWindow
IsWindowVisible
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
CheckDlgButton
GetDlgItemInt
SetDlgItemInt
IsDlgButtonChecked
ScrollWindowEx
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
CharToOemA
OemToCharA
wvsprintfA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
GetDesktopWindow
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
PtInRect
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
GetCursorPos
ValidateRect
GetMessageA
PostQuitMessage
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
GetClassNameA
GetDialogBaseUnits
GetSysColorBrush
LoadStringA
WindowFromPoint
SetRect
InsertMenuA
GetMenuStringA
DestroyIcon
GetCapture
CopyAcceleratorTableA
GetNextDlgGroupItem
InflateRect
GetDCEx
LockWindowUpdate
SetCapture
RegisterClipboardFormatA
SetParent
IsRectEmpty
AppendMenuA
GetSystemMenu
InvertRect
FillRect
RemoveMenu
PostThreadMessageA
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetMenuItemID
SetWindowPlacement
GetWindowTextLengthA
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
DrawTextA
LoadCursorA
SetCursor
LoadMenuA
GetSubMenu
ClientToScreen
TrackPopupMenu
DestroyMenu
GetAsyncKeyState
KillTimer
SetTimer
GetParent
GetMenu
DeleteMenu
GetSystemMetrics
MessageBeep
EnumWindows
SetForegroundWindow
GetWindowTextA
SetWindowTextA
GetDC
ReleaseDC
InvalidateRect
CharUpperA
FindWindowA
GetClientRect
GetWindowRect
MoveWindow
DlgDirListComboBoxA
GetDlgCtrlID
CheckRadioButton
SendDlgItemMessageA
MessageBoxA
CreateDialogParamA
ShowWindow
DestroyWindow
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
UpdateWindow
GetDlgItem
EndDialog
GetDlgItemTextA
SetDlgItemTextA
GetFocus
DialogBoxParamA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetFocus
SendMessageA
EnableWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
UnregisterClassA
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetNextDlgTabItem
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
GetWindowLongA
IsWindowEnabled
CharNextA
OffsetRect
gdi32
SetBkColor
GetObjectA
GetClipBox
StretchDIBits
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CreateDIBitmap
SetTextColor
GetCharWidthA
StartDocA
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetTextAlign
Rectangle
CreateFontA
SelectObject
DeleteObject
TextOutA
GetStockObject
Escape
DeleteDC
CreateDCA
SetDIBitsToDevice
GetTextExtentPointA
CopyMetaFileA
BitBlt
CreateRectRgnIndirect
CombineRgn
SetRectRgn
PatBlt
GetMapMode
LPtoDP
DPtoLP
GetBkColor
GetTextColor
CreateFontIndirectA
GetTextMetricsA
GetTextExtentPoint32A
ExtTextOutA
RectVisible
PtVisible
CreateDIBPatternBrushPt
CreatePatternBrush
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePen
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
CreateRectRgn
GetClipRgn
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
GetCurrentPositionEx
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
GetDCOrgEx
comdlg32
GetFileTitleA
PrintDlgA
GetOpenFileNameA
GetSaveFileNameA
shell32
DragQueryFileA
DragFinish
SHFileOperationA
ExtractIconA
DragAcceptFiles
SHGetFileInfoA
dic32u
DIC_FindByMgrCode
elitee
EleExecute
EleOpenFirstDevice
EleControl
EleClose
comctl32
ord17
oledlg
ord8
olepro32
ord253
gdiplus
GdipDeleteGraphics
GdipDrawImagePointsI
GdipCreateFromHDC
GdipGetImageHeight
GdipGetImageWidth
GdipLoadImageFromFile
GdipFree
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipCloneImage
GdipDisposeImage
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
SetFileSecurityA
RegSetValueA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegCloseKey
RegQueryValueA
GetFileSecurityA
RegCreateKeyA
ole32
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
WriteFmtUserTypeStg
ReleaseStgMedium
CLSIDFromProgID
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
SetConvertStg
CreateBindCtx
OleDuplicateData
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoDisconnectObject
OleRun
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
oleaut32
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysReAllocStringLen
LoadTypeLi
SysStringLen
SysAllocStringLen
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SysFreeString
SafeArrayDestroyDescriptor
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayAllocData
SafeArrayCopy
VarBstrFromDate
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SysStringByteLen
SysAllocStringByteLen
SafeArrayRedim
SafeArrayCreate
SysAllocString
Sections
- .text   Size: 528KB - Virtual size: 526KB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata  Size: 72KB - Virtual size: 69KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data   Size: 32KB - Virtual size: 10.4MB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .idata  Size: 20KB - Virtual size: 17KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc   Size: 52KB - Virtual size: 48KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .reloc  Size: 64KB - Virtual size: 63KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ